I maintain many repositories using Gitea Actions, and I’ve run into a lot of pipeline failures due to the smallest of issues. Most commonly it is whitespace differences in YAML files that cause unexpected parsing or complete failures. Recently, I was helping someone debug a workflow where a copy and paste from a different workflow brought in spaces for some lines instead of tabs, causing the pipeline to fail....
Streamlining My GCP SSH Workflow: Using SSH Configuration Tricks
In my use of Google Cloud Platform (GCP), I often recreate virtual machines (VMs), requiring frequent updates to connection information. This process becomes cumbersome, especially when dealing with stale entries in the known_hosts file and managing DNS entries for a growing number of servers. Additionally, the Identity-Aware Proxy (IAP) requires the use of the gcloud CLI for secure access to these servers, which adds another layer of complexity. What I ended up doing was to leverage my previous experience with SSH configuration files to streamline my workflow....
Use Drone plugins in Gitea Actions
Drone.IO is a CI/CD platform that uses Docker containers for each pipeline step. This makes it easy to use existing Docker containers as steps in your pipeline. You can go further and create special containers that are designed to be used as steps in your pipeline and that accept arguments from the pipeline to run pre-defined tasks. These plugins can be re-used in Gitea Actions to run the same tasks there as you would in Drone....
Experimenting with Proxmox on Apple Silicon: Turning Your M1 MacBook Air into a Virtual Datacentre
In an effort to create an easy-to-manage VM environment that I can use on the go, even with spotty internet, I decided to try running Proxmox on my Apple Silicon MacBook Air. I could use Parallels or VMware Fusion, but I instead chose Proxmox to support open-source software. Should the need arise to run production-level workloads, I can always purchase a Proxmox license and deploy it on a dedicated server. The challenging part was that Proxmox doesn’t distribute itself for arm64/aarch64, so I needed to find a way to do that....
Bye-bye Docker Hub, time to self-host all of my Docker images
One of the great things about Gitea is that it comes with a built-in Docker registry. This means that you don’t need to be reliant on Docker Hub (or its rate limits) to host your Docker images, or any other OCI-compliant image for that matter. In this post, I’ll go over how I migrated some of my Docker images from Docker Hub to my own self-hosted registry in Gitea. I won’t go over the setup of the package registry in Gitea itself, as it’s enabled by default, and I’d rather focus on the migration of the images themselves....
Let Wireguard clients use your IP Blocks advertised by BGP
As an addendum to my previous post on giving yourself an IPv6 address using wireguard, I wanted to show how, if you are lucky enough to have an IPv4 range from before the “great IPv4 exhaustion”, you can assign those addresses to clients using wireguard. Several consumer, prosumer, and enterprise cloud hosts allow you to advertise your IP range for your cloud servers. Some of these providers are OVH, Vultr, and Equinix Metal, but like last time, I suggest you look into OVH due to their predictable costs around bandwidth; as well, you don’t need to configure a BGP connection with them, which makes setup much less work....
Giving yourself IPv6 with Wireguard
After many years of asking, my Internet Service Provider (ISP) still doesn’t support IPv6; the same goes for many other ISPs. This is a problem for many reasons, the first being the exhaustion of IPv4 addresses, leading some ISPs to implement “Carrier-Grade NAT” (CGN), where many customers share the same address—the second being that it is getting more and more expensive for small websites to have their own dedicated IPv4 addresses, including cloud providers instituting a cost to have an address....
Instead of Docker-in-Docker, what about Docker-on-Fly?
In my ever-ending quest to do things that are probably not the best idea and that aren’t a part of a usual use-case, I wanted to see if I could run a docker daemon on Fly.io. Even though you can think of Fly.io as a “container”-service hosting platform, it’s actually using Firecracker micro-VMs to run your service. They [“transmogrify”](https://fly.io/blog/docker-without-docker/) Docker images into the micro-VMs they run. This means it’s much easier to run a docker daemon, as you don’t need to worry about the implications of running the docker daemon inside of a docker container....
Adding SFTP abilities to Namespace.so's ephemeral instances
Namespace.so is a service that provides ephemeral instances (Linux and macOS) for you to use, primarily for CI/CD workflows. Similar to Fly.io, it’s another way to not have to manage servers. I’m currently using it to run some of my CI/CD workflows, but I want to play around with it in other ways. One would be to potentially make it a run-on-demand nixpkgs builder, similar to what I have with Fly....
Build your own CDN - Part 3: Allowing bring-your-own domains with automatic TLS certificates
Now that we are able to sync TLS certs and the Caddy configuration across various points of presence, we need to ensure that Caddy will only request certificates for approved names. As we are doing this for Gitea Pages, we won’t know what the domain names are in advance and will have to create a validation service to handle this. This approach can also be abstracted to any SaaS that provides the ability for customers to bring their own domain....